Securing PHP Web Applications
Exploit testing using CAL9000
August 13, 2009
Exploring deeper into PHP exploit testing, we'll take a look
at CAL9000, an exploit testing toolkit.
Excerpted from Securing PHP Web Applications. By Tricia Ballad and William Ballad. ISBN-10: 0-321-53434-4, ISBN-13: 978-0-321-53434-7, Copyright 2009. Used with the permission of InformIt.
We'll use CAL9000 to demonstrate the uses of an exploit
testing toolkit. Like most toolkits, it focuses on a
specific type of attack. In this case, its primary focus is
on cross-site scripting attacks.
Obtaining CAL9000
CAL9000 is written in JavaScript, HTML, and XML, so it runs entirely inside the browser and is completely platform independent. You can download it from http://www.owasp.org/index.php/Category:OWASP_CAL9000_Project. Scroll down to the “Downloads” section, as shown in Figure 15.10.
Figure 15.10 - Find the “Downloads” section of the CAL9000 Web site.
When the download is complete, unzip the archive and open
the CAL9000.html file in your Web browser, as shown in
Figure 15.11. Firefox (available from http://www.mozilla.com/firefox/)
is the recommended Web browser for use with CAL9000.
Figure 15.11 - The CAL9000 testing toolkit.
At this point, you've successfully obtained the CAL9000
testing toolkit. In the next section, we'll walk through
what you can do with CAL9000.
Using CAL9000
CAL9000 is a collection of nine tools that are used to test
Web applications for security vulnerabilities, specifically
cross-site scripting. You can use some of these tools to
test for other types of vulnerabilities, but the primary
focus of this toolkit is on cross-site scripting. In this
section, we'll walk you through the CAL9000 interface and
describe each of the nine tools:
- XSS Attacks
- Encode/Decode
- HTTP Requests
- HTTP Responses
- Scratch Pad
- Cheat Sheets
- Misc Tools
- Checklist
- AutoAttack
We'll start off at the top of the list with the XSS Attacks
tab.
XSS Attacks
On the CAL9000.html page, click the XSS Attacks tab, as shown in Figure 15.12.
Figure 15.12 - Click on the XSS Attacks tab
This will bring up the XSS Attacks tool page. This is a
dictionary of known XSS attacks. Click on one of the attacks
listed in the attacks menu on the left side of the screen,
as shown in Figure 15.13.
Figure 15.13 - Using the XSS Attacks screen.
On the right side of the screen, you will see the attack
code in the top text box, and a description of what the
attack is designed to do in the bottom text box. The attack
code is what you paste into a form field or URL parameter of
the application under test; the application is vulnerable if
the string comes back in the response unencoded, in a context
where the browser will execute it. On this page, there is
also an editor that allows you to create your own customized
attack code and save it to the dictionary, and a regular
expression tester at the bottom of the page for checking
whether a filter pattern actually matches the attack strings.
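The following is an added example, not code from the book or from CAL9000 itself. It models in Node.js what the XSS Attacks dictionary and the regular expression tester are used for: a small constructed attack dictionary (entries paired with descriptions, as on the CAL9000 screen) is run against two mock reflecting pages, one modelled on a PHP page that echoes a parameter raw and one modelled on the same page after passing the value through htmlspecialchars() with ENT_QUOTES, and a naive blacklist regex is tested against the same dictionary. The attack strings, the page templates, and the function names are all assumptions made for the example.

```javascript
// Added example (not CAL9000's or the book's own code): a miniature
// XSS attack dictionary plus a regex tester, run offline against mock pages.

// Constructed attack dictionary in the spirit of the CAL9000 list:
// each entry pairs attack code with a description of what it tries to do.
const XSS_ATTACKS = [
  { name: 'script tag',
    code: '<script>alert(1)</script>',
    desc: 'Plain script block; the baseline test for unencoded output.' },
  { name: 'img onerror',
    code: '<img src=x onerror=alert(1)>',
    desc: 'No <script> tag at all; fires from an event handler attribute.' },
  { name: 'attribute breakout',
    code: '" onmouseover="alert(1)',
    desc: 'Closes a double-quoted attribute value and adds an event handler.' },
  { name: 'mixed case',
    code: '<ScRiPt>alert(1)</ScRiPt>',
    desc: 'Defeats filters that match on a lower-case tag name only.' },
];

// Models a PHP page that reflects a request parameter unencoded,
// e.g. echo "<p>Hello, $name</p>"; (vulnerable on purpose).
function reflectRaw(param) {
  return `<p>Hello, ${param}</p>`;
}

// Models the same page after the fix, i.e. the value passed through
// htmlspecialchars($name, ENT_QUOTES, 'UTF-8') before being echoed.
function htmlspecialchars(s) {
  return s.replace(/&/g, '&amp;')
          .replace(/</g, '&lt;')
          .replace(/>/g, '&gt;')
          .replace(/"/g, '&quot;')
          .replace(/'/g, '&#039;');
}
function reflectEncoded(param) {
  return `<p>Hello, ${htmlspecialchars(param)}</p>`;
}

// The check CAL9000 leaves to the tester's eye: does the attack string
// come back in the response byte for byte? Survival is necessary for the
// attack to work, but not sufficient: the string must also land in a
// context (tag, attribute, script) where the browser will execute it.
function survives(reflect, attack) {
  return reflect(attack.code).includes(attack.code);
}

// Run the whole dictionary against a page; return the names that survive.
function runDictionary(reflect) {
  return XSS_ATTACKS.filter(a => survives(reflect, a)).map(a => a.name);
}

// Regex tester: a naive blacklist of the kind an input filter might use.
// Returns the names of the dictionary entries the pattern actually matches.
const NAIVE_BLACKLIST = /<script/i;
function regexCatches(re) {
  return XSS_ATTACKS.filter(a => re.test(a.code)).map(a => a.name);
}

console.log('raw page, surviving attacks:    ', runDictionary(reflectRaw));
console.log('encoded page, surviving attacks:', runDictionary(reflectEncoded));
console.log('caught by /<script/i:            ', regexCatches(NAIVE_BLACKLIST));
```

Every dictionary entry survives the raw page, none survives the encoded page, and the blacklist regex catches only the two entries that contain a literal script tag; the event-handler and attribute-breakout entries sail past it. That is the practical lesson of running a whole dictionary rather than a single payload: a filter that looks fine against the first attack in the list usually fails on the fourth, while output encoding fails on none of them.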
Encode/Decode